Saturday, January 8, 2011

GnuPG Project In Chaos:
Avoid For Now

 . . .
Apologies to readers for taking a long break. I've started writing again today. This first post of the year is extremely sad for me personally:

I was once quite a champion of GnuPG for Mac, put up with the massive geek factor and had it working perfectly. But these days GnuPG is broken on Mac OS X 10.6.x. Don't bother playing with it unless you're one of the developers, it's that nasty at the moment.

I've attempted many times over the last full year to help the project, saw great hope last spring, only to have hope dashed this winter with a cacophony of developer infighting, endlessly frustrated would-be users, censored list posts, and chaos all round. I have never seen this before and hope I never do again. RUN AWAY from this software for now, until... (all join hands and pray) ...someone sane takes over the project and straightens out the bloody mess. Until then, I wish the project well.



  1. How's GnuPG seem now, a year later?

    PGP from Symantec is utterly horrible.

  2. Great question Franklin! GnuPG is now EXCELLENT! Use it!

    I've been participating in the beta testing of GnuPG over the past year and could not be happier with the top notch dedication of the project developers! It remains a rather geek-oriented technology with a learning curve. But it has been made remarkably easier to install and configure.

    Occasionally I run into odd problems where a digital signature can't be verified in an email. But I've found these are typically due to the email messages being altered somewhere along their travels on the Internet. That of course messes up the point of digital signing, but the problem is entirely up to servers out on the net. Yahoo of course is one of the sources of these problems. Forget about their Yahoo Groups servers keeping email messages intact.

    Encrypting and digitally signing everything is in our future, considering the insistent US citizen surveillance on US soil being shoved through the US Congress by the RIAA, MPAA and Chamber of Commerce. Everyone might as well get the hang of GnuPG sooner rather than later if they want to maintain their US Constitutional rights to privacy.

    Hopefully I'll be writing a series of articles this year about encryption. I'm beginning a set of short and simple classes about encryption at my local PC User' Group and expect the classes will translate into articles published here.

    I'm sorry to hear about PGP suffering under Symantec's rule. I'd pester Symantec as I have found them occasionally responsive. At one point Symantec totally crashed OpenID, which they obtained along with Verisign. I sent them a right good rant about the problem and they fixed it up in short order. Symantec are not totally hopeless, just mostly hopeless.